Ansible Galaxy Match firewall rules

manzoorm — Mon, 09 Dec 2019 19:38:54 GMT

Hey Guys,

I am very new to Ansible and was hoping someone could help me with this issue I'm running into. I downloaded and installed ansible galaxy and was testing the following "Match firewall rules".

It works on vsys1 but if any of my firewalls don't have a vsys or the rule is on any other vsys (example vsys 2), i get the following error: "fatal: [test.xyz.com]: FAILED! => {"changed": false, "msg": "Matched \"test rule\" with \"test security-policy-match destination \"x.x.x.123\" destination-port \"443\" protocol \"6\" source \"10.x.y.z\"\", but wasn't in rulebase"}

It's weird that it matches and prints the name of the rule, but fails with "but wasn't in rulebase".

would appreciate any help.

Re: Ansible Galaxy Match firewall rules

gfreeman — Tue, 10 Dec 2019 22:08:38 GMT

A new version of the Ansible role was released just yesterday and one of the changes was to this specific module. I would recommend updating your role and then trying again, it should work. But vsys defaults to vsys="vsys1" if you don't specify otherwise, so make sure to set it appropriately if you want to run the module against a different vsys.

topic Re: Ansible Galaxy Match firewall rules in Automation/API Discussions

Ansible Galaxy Match firewall rules

Re: Ansible Galaxy Match firewall rules